@onfido/cordova-sdk
Advanced tools
This SDK provides a drop-in set of screens and tools for Cordova applications to allow the capture of identity documents and face photos/live videos for the purpose of identity verification with Onfido. The SDK offers a number of benefits to help you create the best onboarding/identity verification experience for your customers:
ℹ️
If you are integrating using Onfido Studio please see our Studio integration guide
* Note: the SDK is only responsible for capturing and uploading photos/videos. You still need to access the Onfido API to create and manage checks.
In order to start integration, you will need an API token. You can use our sandbox environment to test your integration, and you will find the API tokens inside your Onfido Dashboard. You can create API tokens inside your Onfido Dashboard as well.
You must create an Onfido Applicant before you start the SDK flow.
For a document or face check, the minimum applicant details required are firstName and lastName.
You must create applicants from your server:
$ curl https://api.onfido.com/v3/applicants \
-H 'Authorization: Token token=YOUR_API_TOKEN' \
-d 'first_name=Theresa' \
-d 'last_name=May'
The JSON response has an id field containing a UUID that identifies the applicant. All documents or live photos/videos uploaded by that instance of the SDK will be associated with that applicant.
You will need to generate and include a short-lived JSON Web Token (JWT) every time you initialise the SDK.
To generate an SDK Token, you should perform a request to the SDK Token endpoint in the Onfido API:
$ curl https://api.onfido.com/v3/sdk_token \
-H 'Authorization: Token token=YOUR_API_TOKEN' \
-F 'applicant_id=YOUR_APPLICANT_ID' \
-F 'application_id=YOUR_APPLICATION_BUNDLE_IDENTIFIER'
Make a note of the token value in the response, as you will need it later on when initialising the SDK.
Warning: SDK tokens expire 90 minutes after creation.
The application_id is the "Application ID" or "Bundle ID" that was already set up during development.
com.your-company.app-name.
ios/YourProjectName, click on the project root, click the General tab, under Targets click your project name, and check the Bundle Identifier field.com.example.yourapp.
build.config. For example, in android/app/build.gradle, it is the value of applicationId.If you are starting from scratch, you can follow the Cordova Documentation. A short instruction would look like this:
npm install -g cordovacordova create myapp. Replace "myapp" with the name you want to give to your application.cordova platform add android (for Android), cordova platform add ios (for iOS)cordova buildcordova run <platform>. Replace "platform" with the name of the platform you want to test your app on (e.g., "android" or "ios").NOTE: You will need to download and install Android Studio and Xcode.
Navigate to the root directory of your Cordova project. The rest of this section (section 4) will assume you are in the root directory. Run the following command:
$ npm install @onfido/cordova-sdk --save
$ cordova plugin add @onfido/cordova-sdk
Onfido Cordova SDK is available for Android 21+. Add these preferences into your application config.xml file:
<preference name="android-targetSdkVersion" value="33" />
<platform name="android">
<config-file target="res/xml/config.xml" parent="/*">
<feature name="OnfidoSdk">
<param name="android-package" value="com.plugin.OnfidoSdk.OnfidoSdkModule"/>
<param name="android-package-Response" value="com.plugin.OnfidoSdk.Response"/>
<param name="android-package-OnfidoSdkActivityEventListener" value="com.plugin.OnfidoSdk.OnfidoSdkActivityEventListener"/>
<param name="onload" value="true"/>
</feature>
</config-file>
<source-file src="src/android/OnfidoSdkModule.java" target-dir="src/com/plugin/OnfidoSdk"/>
<source-file src="src/android/OnfidoSdkActivityEventListener.java" target-dir="src/com/plugin/OnfidoSdk"/>
<source-file src="src/android/Response.java" target-dir="src/com/plugin/OnfidoSdk"/>
<framework src="src/android/onfido.gradle" custom="true" type="gradleReference"/>
</platform>
Onfido Cordova SDK is available for iOS 11+ and requires Swift version 5. Add these preferences into your application config.xml file:
<platform name="ios">
<preference name="deployment-target" value="11.0" />
<preference name="SwiftVersion" value="5" />
</platform>
You can launch the app with a call to Onfido.start. For example, once you have the sdkTokenFromOnfidoServer, your code might look like this:
async function runOnfidoSdk(withDocSelfy, withMotion, workflowRunId) {
const config = {
sdkToken: 'TOKEN', // IMPORTANT: see notes
hideLogo: false,
logoCoBrand: false,
enableNFC: false,
flowSteps: {
welcome: false,
captureDocument: {
countryCode: "FRA",
docType: "PASSPORT",
alpha2CountryCode: "FR"
},
captureFace: {
type: "MOTION"
}
}
}
const onComplete = (completeResponse) => {
console.log("success callback has been hit");
alert(completeResponse)
}
const onError = (completeResponse) => {
console.log("error callback has been hit");
alert(completeResponse)
}
window.cordova.plugins.onfido.start(onComplete, onError, config);
}
Once you have added the SDK as a dependency and you have a SDK token, you can configure the SDK:
Example configuration:
config = {
sdkToken: “EXAMPLE-TOKEN-123”,
flowSteps: {
welcome: true,
captureDocument: {
docType: OnfidoDocumentType.DRIVING_LICENSE,
countryCode: OnfidoCountryCode.USA
},
captureFace: {
type: OnfidoCaptureType.VIDEO
},
},
enableNFC: true
}
sdkToken: Required. This is the JWT sdk token obtained by making a call to the SDK token API. See section Configuring SDK with Tokens.
flowSteps: Required. This object is used to toggle individual screens on and off and set configurations inside the screens.
welcome: Optional. This toggles the welcome screen on or off. If omitted, this screen does not appear in the flow.
true, falsecaptureDocument: Optional. This object contains configuration for the capture document screen. If docType and countryCode are not specified, a screen will appear allowing the user to choose these values. If omitted, this screen does not appear in the flow.
docType: Required if countryCode is specified.
OnfidoDocumentType: PASSPORT, DRIVING_LICENCE, NATIONAL_IDENTITY_CARD, RESIDENCE_PERMIT, RESIDENCE_PERMIT, VISA, WORK_PERMIT, GENERIC.
Note: GENERIC document type doesn't offer an optimised capture experience for a desired document type.countryCode: Required if docType is specified.
OnfidoCountryCode: Any ISO 3166-1 alpha-3 code. For example: OnfidoCountryCode.USA.enableNFC: Optional. This toggles the ePassport NFC extraction feature. If omitted, this feature is not enabled in the flow. There are also application configuration changes needed to use this feature. To do that please follow Onfido Developer Hub
true, false.captureFace: Optional. This object contains options for the capture face screen. If omitted, this screen does not appear in the flow.
type: Required if captureFace is specified.
OnfidoCaptureType: PHOTO, VIDEO, MOTION.localisation: Optional. This object contains localisation configuration. See section Localization for the details.
config = {
sdkToken: “EXAMPLE-TOKEN-123”,
localisation: {
ios_strings_file_name: 'Localizable',
},
flowSteps: {
...
},
}
The response will include a face section if captureFace was specified, document section if captureDocument was specified, or both sections if they were both requested in the config.
Example:
{
document: {
front: { id: "123-abc" },
back: { id: "345-def" }
},
face: {
id: "456-567",
variant: "VIDEO" // PHOTO or VIDEO
},
}
The SDK will reject the promise any time the Onfido SDK exits without a success. This includes cases where:
Example
{
code: "config_error",
message: "sdkToken is missing"
}
The SDK supports and maintains the following 44 languages:
However, you can add your own translations.
By default, custom localisation is enabled on Android. There is no configuration needed on Cordova SDK to enable it. You could also provide custom translation for a locale that we don’t currently support, by having an additional XML strings file inside your resources folder for the desired locale. See Localisation section of Android SDK repo for the details.
You can also provide a custom translation for a locale that Onfido doesn't currently support. There is a simple configuration needed on the Cordova SDK to enable custom localisation.
localisation: {
ios_strings_file_name: '<Your .strings file name in iOS app bundle>',
},
cd ios, and open your XCode workspace.As the SDK is only responsible for capturing and uploading photos/videos, you would need to start a check on your backend server using the Onfido API.
All API requests must be made with an API token included in the request headers. You can find your API token (not to be mistaken with the mobile SDK token) inside your Onfido Dashboard.
Refer to the Authentication section in the API documentation for details. For testing, you should be using the sandbox, and not the live token.
You will need to create a check by making a request to the create check endpoint, using the applicant id. If you are just verifying a document, you only have to include a document report as part of the check. On the other hand, if you are verifying a document and a face photo/live video, you will also have to include a facial similarity report with the corresponding values: facial_similarity_photo for the photo option and facial_similarity_video for the video option.
$ curl https://api.onfido.com/v3/checks \
-H 'Authorization: Token token=YOUR_API_TOKEN' \
-d 'applicant_id=YOUR_APPLICANT_ID' \
-d 'report_names=[document,facial_similarity_photo]'
Note: You can also submit the POST request in JSON format.
You will receive a response containing the check id instantly. As document and facial similarity reports do not always return actual results straightaway, you need to set up a webhook to get notified when the results are ready.
Finally, as you are testing with the sandbox token, please be aware that the results are pre-determined. You can learn more about sandbox responses here.
Note: If you're using API v2, please check out API v2 to v3 migration guide to understand which changes need to be applied before starting to use API v3.
You can customize the SDK by adding a colors.json file to your project at the same level as your node_modules directory. The file should contain a single json object with the desired keys and values. For example:
{
"onfidoPrimaryColor": "#FF0000",
"onfidoPrimaryButtonTextColor": "#008000",
"onfidoPrimaryButtonColorPressed": "#FFA500",
"onfidoAndroidStatusBarColor": "#A52A2A",
"onfidoAndroidToolBarColor": "#800080",
"onfidoIosSupportDarkMode": true
}
Below is a description of all available keys:
onfidoPrimaryColor: Defines the background color of views such as the document type icon, capture confirmation buttons, and back navigation button.onfidoPrimaryButtonTextColor: Defines the text color of labels included in views such as capture confirmation buttons.onfidoPrimaryButtonColorPressed: Defines the background color of capture confirmation buttons when pressed.onfidoAndroidStatusBarColor: Android only. Defines the background color of the Toolbar that guides the user through the flow.onfidoAndroidToolBarColor: Android only. Defines the color of the status bar above the Toolbar.onfidoIosSupportDarkMode: iOS Only. Defines if Dark Mode will be supported on SDK screens. The value is true by default.You should add the colors.json file to your xcode project as bundle resource. You can create symbolic link (rather than copy paste) to prevent redundancy. You can check out SampleApp project to see example usage.
Then when running on an iOS device, the values will be picked up dynamically at runtime. For Android devices, to pick up the values, you will need to run the following command at the same level of your node_modules directory. This will also be run when running the npm --prefix node_modules/@onfido/onfido-cordova-sdk/ run updateOnfido command.
$ npm --prefix node_modules/@onfido/onfido-cordova-sdk/ run updateColors
Once you are happy with your integration and are ready to go live, please contact client-support@onfido.com to obtain live versions of the API token and the mobile SDK token. You will have to replace the sandbox tokens in your code with the live tokens.
A few things to check before you go live:
Resolving dependency conflicts
Here are some helpful resources if you are experiencing dependency conflicts between this Cordova SDK and other packages your app uses:
General advice
If you see issues, you can try removing node_modules, build directories, and cache files. Remove the platform specific projects and try to regenerate them.
Below is a list of known differences in expected behavior between the Onfido Android and iOS SDKs this Cordova SDK wraps:
passport uploaded through the iOS SDK will have the side attribute set to null, while those uploaded via Android will have side as front.Please open an issue through GitHub. Please be as detailed as you can. Remember not to submit your token in the issue. Also check the closed issues to check whether it has been previously raised and answered.
If you have any issues that contain sensitive information please send us an email with the ISSUE: at the start of the subject to react-native-sdk@onfido.com
Previous versions of the SDK will be supported for a month after a new major version release. Note that when the support period has expired for an SDK version, no bug fixes will be provided, but the SDK will keep functioning (until further notice).
Copyright 2023 Onfido, Ltd. All rights reserved.
The Onfido Cordova SDK is available under the MIT license.
FAQs
A Cordova plugin for the Ondifo native Android and iOS SDKs.
The npm package @onfido/cordova-sdk receives a total of 1,359 weekly downloads. As such, @onfido/cordova-sdk popularity was classified as popular.
We found that @onfido/cordova-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
Security News
Biden's executive order pushes for AI-driven cybersecurity, software supply chain transparency, and stronger protections for federal and open source systems.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.